Skip to content

Introduce ReceiveAuthKey verification for Blinded Payment Paths #4126

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Introduce ReceiveAuthKey verification for Blinded Payment Paths #4126

wants to merge 2 commits into from

Conversation

shaavan
Copy link
Member

@shaavan shaavan commented Sep 25, 2025

Building on the goals set forth in #3917, this PR introduces ReceiveAuthKey-based verification for Blinded Payment Paths.

Key Outcomes

  • Uniform verification mechanism: Both payment and message blinded paths now share the same authentication logic.
  • Smaller payloads: The final ReceiveTlvs are noticeably reduced in size, making blinded paths lighter.

Follow-Up Preparation

This PR also lays the groundwork for introducing dummy payment hops in a follow-up PR.
By minimizing per-hop authentication data, we keep dummy hops compact — preserving overall path size and ensuring that forward and dummy TLVs are padded to the same length, improving hop indistinguishability and privacy.

@ldk-reviews-bot
Copy link

ldk-reviews-bot commented Sep 25, 2025
edited
Loading

I've assigned @jkczyz as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

@shaavan
Introduce ReceiveAuthKey-based verification in Blinded Payment Paths
0b95789 
Extends the work started in
[PR#3917](lightningdevkit#3917)
by adding ReceiveAuthKey-based verification for Blinded Payment Paths.

This reduces space previously taken by individual ReceiveTlvs and
aligns the verification logic with that used for Blinded Message Paths.
@shaavan
Cleanup: Remove redundant (hmac, nonce) from codebase
13c4041 
Now that we have introduced an alternate mechanism for authentication
in the codebase, we can safely remove the now redundant (hmac, nonce)
fields from the Payment ReceiveTlvs's while maintaining the security
of the onion messages.
@codecov Codecov
Copy link

codecov bot commented Sep 25, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 80.28169% with 28 lines in your changes missing coverage. Please review.
✅ Project coverage is 88.49%. Comparing base (9514637) to head (13c4041).

Files with missing lines Patch % Lines
lightning/src/ln/onion_payment.rs 65.21% 6 Missing and 2 partials ⚠️
lightning/src/blinded_path/payment.rs 70.83% 3 Missing and 4 partials ⚠️
lightning/src/ln/blinded_payment_tests.rs 75.00% 7 Missing ⚠️
lightning/src/routing/router.rs 62.50% 3 Missing ⚠️
lightning/src/ln/onion_utils.rs 0.00% 2 Missing ⚠️
lightning/src/ln/msgs.rs 94.11% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #4126      +/-   ##
==========================================
- Coverage   88.57%   88.49%   -0.08%     
==========================================
  Files         179      179              
  Lines      134374   134311      -63     
  Branches   134374   134311      -63     
==========================================
- Hits       119016   118861     -155     
- Misses      12604    12699      +95     
+ Partials     2754     2751       -3
Flag Coverage Δ
fuzzing 21.26% <4.08%> (-0.55%) ⬇️
tests 88.33% <80.28%> (-0.08%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@ldk-reviews-bot
Copy link

🔔 1st Reminder

Hey @jkczyz! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.

@ldk-reviews-bot
Copy link

🔔 2nd Reminder

Hey @jkczyz! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.

@ldk-reviews-bot
Copy link

🔔 3rd Reminder

Hey @jkczyz! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jkczyz jkczyz Awaiting requested review from jkczyz

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@shaavan @ldk-reviews-bot